³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þ×é¸ñʽ´íÎó£¡\rÕýÈ·µÄ¸ñʽÊÇ:'gr:001'");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

else

thegroup=(mid(trim(strfieldvalue),4))

end if

end if

tmpSQL="select * from t_group where owner='"&session("myid")&"' and groupidowner='"&thegroup&"'"

'response.write tmpsql

set tmprs=server.CreateObject("ADODB.Recordset")

tmprs.Open tmpsql,conn

if tmprs.bof or tmprs.eof then

'ûÓÐÕÒµ½¸Ã×é

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þ×飼%=thegroup%£¾Ã»ÓÐÕÒµ½£¡");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

else

if tmprs("personnum")=0 then

'×éÄÚûÓÐÓû§

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þ×飼%=thegroup%£¾ÖÐĿǰûÓÐÈκεÄÓû§\nËùÒÔ²»ÄÜ·¢ËÍ");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

else

strFieldValue=trim(tmprs("groupempl"))

tmprs.close

set tmprs=nothing

end if

end if

end if

if instr(strfieldValue,"|") then

'×é·¢

allsearch=replace(trim(strfieldValue),"|","','")

allsearch="'"&allsearch&"'"

tmpstring=trim(strfieldValue)&"|"

tosearch=""

do while len(tmpstring)£¾=5

tosearch=left(tmpstring,5)

tmpstring=mid(tmpstring,7)

if instr(tosearch,"|") then

'¸ñʽ´íÎó

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þÈ˸ñʽ´íÎó!");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

end if

tmpSQL="select * from (select userid from t_officer where userid in ("&allsearch&")) DERIVEDTBL where userid='"&tosearch&"'"

'response.write tmpsql

set tmprs=server.CreateObject("ADODB.Recordset")

tmprs.Open tmpsql,conn

if tmprs.eof or tmprs.bof then

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þÈË£¼%=tosearch%£¾Ã»ÓÐÕÒµ½!");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

end if

tmprs.close

set tmprs=nothing

loop

strfieldValue=trim(strFieldValue)

else

if len(trim(strFieldValue))£¼£¾5 then

'¸ñʽ²»ÕýÈ·

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þÈË£¼%=trim(strFieldValue)%£¾²»ÕýÈ·!");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

else

if isnumeric(trim(len(strFieldValue))) then

tmpSQL="select * from t_officer where userid='"&trim(strFieldValue)&"'"

set tmprs=server.CreateObject("ADODB.Recordset")

tmprs.Open tmpsql,conn

if tmprs.eof or tmprs.bof then

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þÈË£¼%=trim(strFieldValue)%£¾Ã»ÓÐÕÒµ½\r¸ÃÔ±¹¤¿ÉÄÜ»¹Ã»ÓÐ×¢²á!");

history.back();

£¼/script£¾

£¼p£¾

£¼%

response.end

end if

tmprs.close

set tmprs=nothing

strfieldValue=trim(strFieldValue)

else

%£¾

³¢ÊÔ·¢ËÍÓʼþ£¬µ«ÊÇʧ°ÜÁË£¬ÇëÐ޸ĴíÎóºóÖØÊÔ£¡

£¼script language="javascript"£¾

alert("ÄúÊäÈëµÄÊÕ¼þÈË£¼%=trim(strFieldValue)%£¾²»ÕýÈ·!");

history.back();

£¼/script£¾

£¼p£¾ £¼%

response.end

end if

end if

end if

end if

strFieldValue=replace(strFieldValue,"£¼","£¼")

'response.write strfieldname

rs(STRFIELDNAME)=replace(strFieldValue,"£¾","£¾")

binHTTPHeader=MIDB(binHTTPHeader,INSTRB( DataStart + 1, binHTTPHeader, divider ))

loop

'¿ªÊ¼´¦ÀíÎļþÊý¾Ý

titem=0

rs("filesize_1")=0

rs("filesize_2")=0

rs("filesize_3")=0

Do while lenB(binHTTPHeader)£¾46

if INSTRB( binHTTPHeader, bnCRLF & bnCRLF )£¼£¾0 then

binHeaderData = LeftB(binHTTPHeader,INSTRB( binHTTPHeader, bnCRLF & bnCRLF )-1)

else

exit do

end if

strHeaderData=bin2str(binHeaderData)

'¶ÁÈ¡ÉÏ´«ÎļþµÄContent-Type

lngFileContentTypeStart=Instr(strHeaderData,"Content-Type:")+Len("Content-Type:")

strFileContentType=Trim(Mid(strHeaderData,lngFileContentTypeStart))

strFileContentType=Replace(strFileContentType,vbCRLF,vbNullString)

'¶ÁÈ¡ÉÏ´«µÄÎļþÃû

if instr(strheaderdata,"filename=")£¾0 then

lngFileNameStart=Instr(strHeaderData,"filename="&chr(34))+Len("filename="&chr(34))

lngFileNameEnd=Instr(lngFileNameStart,strHeaderData,chr(34))

strFileName=Mid(strHeaderData,lngFileNameStart,lngFileNameEnd-lngFileNameStart)

strFileName=Trim(strFileName)

strFileName=Replace(strFileName,vbCRLF,vbNullString)

else

strfilename=""

end if

'¶ÁÈ¡ÉÏ´«ÎļþÊý¾Ý

DataStart = INSTRB( binHTTPHeader, bnCRLF & bnCRLF ) + 4

DataEnd = INSTRB( DataStart + 1, binHTTPHeader, divider ) - DataStart

If strFileName£¼£¾"" Then

if dataend£¾0 then

binFieldValue=MIDB( binHTTPHeader, DataStart, DataEnd )

'½«ÉÏ´«µÄÎļþдÈëÊý¾Ý¿â

titem=titem+1

'response.write "titem:"&titem

rs("FileContentType_"&titem)=strFileContentType

rs("FileContent_"&titem).AppendChunk binFieldValue

rs("filesize_"&titem)=lenb(binFieldValue)

rs("filename_"&titem)=strfilename

else

binfieldvalue=binhttpheader

end if

End if

if INSTRB( DataStart + 1, binHTTPHeader, divider )£¾0 then

binHTTPHeader=MIDB(binHTTPHeader,INSTRB( DataStart + 1, binHTTPHeader, divider ))

else

binhttpheader=""

end if

loop

rs("sizetotal")=csng(rs("filesize_1"))+csng(rs("filesize_2"))+csng(rs("filesize_3"))+csng(len(rs("body")))+csng(len(rs("emailtitle")))+csng(len(rs("emailshowname")))+csng(len("geterempl"))

if csng(rs("sizetotal"))£¾=csng(2*1024*1024) then

response.write "¶Ô²»Æð,ÎļþÌ«´ó£¬Ç뱣֤ÿ·âÓʼþµÄ×Ü´óС²»³¬¹ý2M!"

response.end

end if

rs("mailtime")=now

rs("readerempl")=""

if rs("receempl")£¼£¾"" then

rs("receempl")=session("myid")

rs("readerempl")=session("myid")

end if

rs("deleempl")=""

rs("deleverempl")=""

rs("sendmac")=strmac

rs.update

rs.close

set rs=Nothing

conn.Close

set conn=Nothing

%£¾

£¼script language=javascript£¾

window.open("mailok.ASP",target="_self")

£¼/script£¾

£¼/body£¾£¼/HTML£¾

¡¡¡¡×îºó£¬ÎÒÃÇÀ´½²½²ÈçºÎ°ÑÄÚÈÝ´ÓÊý¾Ý¿âÖжÁ³öÀ´£¬ÄÚÈÝÓÐÕâô¼¸À࣬һÀàÊÇä¯ÀÀÆ÷ÉÏ¿ÉÒÔÏÔʾµÄ£¬ÀýÈç*.htm£¬Ò»ÀàÊÇÐèÒªÏÂÔصģ¬ÀýÈç*.exe£¬»¹ÓÐÒ»ÖÖÊÇä¯ÀÀÆ÷¿ÉÒÔÏÔʾµ«ÊDz»Äܹ»ÈÃËûÏÔʾµÄ£¬ÀýÈç*.ASP£¬Çë¿´´úÂ룺

£¼%

Response.Buffer= true

Response.Clear

function getname(oriname)

thename=oriname

do while instr(thename,"/")£¾0

thename=mid(thename,instr(thename,"/")+1)

loop

do while instr(thename,"\")£¾0

thename=mid(thename,instr(thename,"\")+1)

loop

getname=thename

end function

function canexec(thechar)

if instr(thechar,".ASP")£¾0 then

canexec=false

exit function

end if

if instr(thechar,".asa")£¾0 then

canexec=false

exit function

end if

if instr(thechar,".ASPx")£¾0 then

canexec=false

exit function

end if

if instr(thechar,".asax")£¾0 then

canexec=false

exit function

end if

canexec=true

end function

mailID=request("mailID")

se=request("se")

if se£¼£¾1 and se£¼£¾2 and se£¼£¾3 then

response.end

end if

Set conn=server.createobject("adodb.connection")

set rs=server.createobject("adodb.recordset")

conn.open "DSN=;UID=;PWD="

sql="select * from t_mail where ((geterempl like '%"&session("myid")&"%' or deleempl like '%"&session("myid")&"%' or receempl like '%"&session("myid")&"%' ) and (not deleverempl like '%"&session("myid")&"%')) and mailid='"&mailid&"' "

rs.open sql,conn,3,3

if rs.eof or rs.bof then

response.end

end if

if rs("filecontenttype_"&trim(se))£¼£¾"text/plain" or (not canexec(getname(trim(rs("filename_"&trim(se)))))) then

Response.ContentType = rs("FileContentType_"&trim(se))

end if

'Response.AddHeader "content-type","application/x-msdownload"

if instr(response.contenttype,"application")£¾0 then

response.AddHeader "Content-Disposition","attachment;filename="&getname(trim(rs("filename_"&trim(se))))

end if

Response.BinaryWrite rs("FileContent_"&trim(se))

rs.close

set rs=Nothing

conn.close

set conn=nothing

%£¾

¡¡¡¡ÎÄÕµ½ÕâÀï¾Í½áÊøÁË£¬ÖÁÓÚÓʼþÊý¾Ý¿âµÄÊý¾Ý½á¹¹´ó¼Ò¸ù¾Ý´úÂë×Ô¼º×ÁÄ¥°É£¡